WECON LeviStudio PLC HmiSet Type Buffer Overflow Exploit

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of LeviStudio Project files. By providing an overly long HmiSet Type XML attribute, an attacker can overflow a stack-based buffer and execute arbitrary code in the context of the current process.
Exploit type: 
Vulnerabilty ID: 
Product Version: 
Released Date: 
Monday, July 4, 2016 - 19:00